IBM Tivoli and Cisco Network Card User Manual

Open as PDF

of 516

Appendix A. Hints and tips 449

then to determine the actual problem based on the expected behavior of the

solution.

Assuming that all of the software has been installed and is running, when the

client first tries to connect to a protected network, it should receive a pop-up

message from the Cisco Trust Agent stating either that the client is healthy or that

the client has been quarantined.

If no message appears, either the Cisco Trust Agent is not running on the client

(check the Windows services panel for the Cisco Trust Agent) or the Network

Access Device is not seeing the client. Also be sure that the host’s personal

firewall and the NAD configuration allow pings. An easy way to check out this

situation is to ping a host in the protected network.

 If the pings are successful, then the client should either have received a

“healthy” message or the NAD may be configured to allow clientless devices

(for example, with no Cisco Trust Agent running) access.

 If the pings time out (Request Timed Out) then the NAD is not performing

correctly.

 If the pings fail with a

Destination Unreachable message, then the NAD is

quarantining the host and the Cisco Trust Agent is probably not running.

If a message appears, then the NAD and the Cisco Trust Agent are

communicating correctly.

If a client is quarantined, then the remediation handler (the Security Compliance

Manager pop-up GUI) should display all of the violations along with the options to

Rescan, Fix Now, or Close:

 Any manual remediation actions should be followed with Rescan to cause any

state changes to be detected, and the next time the network polls with a

StatusQuery, the state change will cause a full PostureQuery and the

evaluation process will be restarted.

 Fix Now requests automated remediation and initiates the remediation

events.

 Close simply closes the remediation handler.

When Fix Now is clicked, the automated remediation process starts.

At this point, the remediation handler requests remediation from the Tivoli

Configuration Manager Web Gateway via the SoftwarePackageServlet

application that is installed on the server. The remediation information passed by

the client is analyzed by this servlet and the relevant remediation objects are sent

to the client. The remediation handler then manages the installation and

execution of these remediation objects and then triggers a rescan of the

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

IBM Tivoli and Cisco Network Card User Manual